Difference between revisions of "Grindahl-256"
From The ECRYPT Hash Function Website
Crechberger (talk | contribs) |
|||
| Line 42: | Line 42: | ||
=== Best Known Results === | === Best Known Results === | ||
| − | The best collision attack on Grindahl was published by Peyrin. It has complexity of about 2<sup>112</sup> hash evaluations. | + | The best collision attack on Grindahl-256 was published by Peyrin. It has complexity of about 2<sup>112</sup> hash evaluations. There are no known preimage-style attacks. There are also no known attacks on Grindahl-512. |
---- | ---- | ||
Revision as of 12:39, 11 March 2008
Contents
1 Specification
Grindahl-256
- digest size: 256 bits
- max. message length: < 264 bits
- compression function: 32-bit message block, 52 byte state
Grindahl-512
- digest size: 512 bits
- max. message length: < 264 bits
- compression function: 64-bit message block, 104 byte state
- Specification:
Lars R. Knudsen, Christian Rechberger, Søren S. Thomsen - The Grindahl Hash Functions
- FSE 4593:39-57,2007
- http://dx.doi.org/10.1007/978-3-540-74619-5_3
BibtexAuthor : Lars R. Knudsen, Christian Rechberger, Søren S. Thomsen
Title : The Grindahl Hash Functions
In : FSE -
Address :
Date : 2007
2 Cryptanalysis
2.1 Best Known Results
The best collision attack on Grindahl-256 was published by Peyrin. It has complexity of about 2112 hash evaluations. There are no known preimage-style attacks. There are also no known attacks on Grindahl-512.
2.2 Generic Attacks
- Grindahl is not a design follwing the Merkle-Damgaard construction principle. Generic Attacks on Hash Functions
2.3 Collision Attacks
Thomas Peyrin - Cryptanalysis of Grindahl
- ASIACRYPT 4833:551-567,2007
- http://dx.doi.org/10.1007/978-3-540-76900-2_34
BibtexAuthor : Thomas Peyrin
Title : Cryptanalysis of Grindahl
In : ASIACRYPT -
Address :
Date : 2007
